1 .\" $Id: kerberos.3,v 1.2 1996/06/12 21:29:18 bg Exp $
2 .\" $FreeBSD: src/crypto/kerberosIV/man/kerberos.3,v 1.2 2000/02/24 20:21:14 markm Exp $
3 .\" $DragonFly: src/crypto/kerberosIV/man/Attic/kerberos.3,v 1.2 2003/06/17 04:24:36 dillon Exp $
4 .\" Copyright 1989 by the Massachusetts Institute of Technology.
6 .\" For copying and distribution information,
7 .\" please see the file <mit-copyright.h>.
9 .TH KERBEROS 3 "Kerberos Version 4.0" "MIT Project Athena"
11 krb_mk_req, krb_rd_req, krb_kntoln, krb_set_key, krb_get_cred,
12 krb_mk_priv, krb_rd_priv, krb_mk_safe, krb_rd_safe, krb_mk_err,
13 krb_rd_err, krb_ck_repl \- Kerberos authentication library
18 #include <openssl/des.h>
22 extern char *krb_err_txt[];
25 int krb_mk_req(authent,service,instance,realm,checksum)
33 int krb_rd_req(authent,service,instance,from_addr,ad,fn)
42 int krb_kntoln(ad,lname)
47 int krb_set_key(key,cvt)
52 int krb_get_cred(service,instance,realm,c)
59 long krb_mk_priv(in,out,in_length,schedule,key,sender,receiver)
64 des_key_schedule schedule;
65 struct sockaddr_in *sender;
66 struct sockaddr_in *receiver;
69 long krb_rd_priv(in,in_length,schedule,key,sender,receiver,msg_data)
72 Key_schedule schedule;
74 struct sockaddr_in *sender;
75 struct sockaddr_in *receiver;
79 long krb_mk_safe(in,out,in_length,key,sender,receiver)
84 struct sockaddr_in *sender;
85 struct sockaddr_in *receiver;
88 long krb_rd_safe(in,length,key,sender,receiver,msg_data)
92 struct sockaddr_in *sender;
93 struct sockaddr_in *receiver;
97 long krb_mk_err(out,code,string)
103 long krb_rd_err(in,length,code,msg_data)
111 This library supports network authentication and various related
112 operations. The library contains many routines beyond those described
113 in this man page, but they are not intended to be used directly.
114 Instead, they are called by the routines that are described, the
115 authentication server and the login program.
118 contains text string descriptions of various Kerberos error codes returned
119 by some of the routines below.
122 takes a pointer to a text structure in which an authenticator is to be
123 built. It also takes the name, instance, and realm of the service to be
124 used and an optional checksum. It is up to the application to decide
125 how to generate the checksum.
127 then retrieves a ticket for the desired service and creates an
128 authenticator. The authenticator is built in
131 to the calling procedure.
133 It is up to the application to get the authenticator to the service
134 where it will be read by
136 Unless an attacker posesses the session key contained in the ticket, it
137 will be unable to modify the authenticator. Thus, the checksum can be
138 used to verify the authenticity of the other data that will pass through
142 takes an authenticator of type
144 a service name, an instance, the address of the
145 host originating the request, and a pointer to a structure of type
147 which is filled in with information obtained from the authenticator.
148 It also optionally takes the name of the file in which it will find the
149 secret key(s) for the service.
152 contains "*", then the first service key with the same service name
153 found in the service key file will be used, and the
155 argument will be filled in with the chosen instance. This means that
156 the caller must provide space for such an instance name.
158 It is used to find out information about the principal when a request
159 has been made to a service. It is up to the application protocol to get
160 the authenticator from the client to the service. The authenticator is
163 to extract the desired information.
166 returns zero (RD_AP_OK) upon successful authentication. If a packet was
167 forged, modified, or replayed, authentication will fail. If the
168 authentication fails, a non-zero value is returned indicating the
169 particular problem encountered. See
171 for the list of error codes.
173 If the last argument is the null string (""), krb_rd_req will use the
174 file /etc/srvtab to find its keys. If the last argument is NULL, it
175 will assume that the key has been set by
177 and will not bother looking further.
180 converts a Kerberos name to a local name. It takes a structure
181 of type AUTH_DAT and uses the name and instance to look in the database
182 /etc/aname to find the corresponding local name. The local name is
183 returned and can be used by an application to change uids, directories,
184 or other parameters. It is not an integral part of Kerberos, but is
185 instead provided to support the use of Kerberos in existing utilities.
188 takes as an argument a des key. It then creates
189 a key schedule from it and saves the original key to be used as an
190 initialization vector.
191 It is used to set the server's key which
192 must be used to decrypt tickets.
194 If called with a non-zero second argument,
196 will first convert the input from a string of arbitrary length to a DES
197 key by encrypting it with a one-way function.
199 In most cases it should not be necessary to call
201 The necessary keys will usually be obtained and set inside
202 .I krb_rd_req. krb_set_key
203 is provided for those applications that do not wish to place the
204 application keys on disk.
207 searches the caller's ticket file for a ticket for the given service, instance,
208 and realm; and, if a ticket is found, fills in the given CREDENTIALS structure
209 with the ticket information.
211 If the ticket was found,
214 If the ticket file can't be found, can't be read, doesn't belong to
215 the user (other than root), isn't a regular file, or is in the wrong
216 mode, the error GC_TKFIL is returned.
219 creates an encrypted, authenticated
220 message from any arbitrary application data, pointed to by
225 The private session key, pointed to by
227 and the key schedule,
229 are used to encrypt the data and some header information using
234 point to the Internet address of the two parties.
235 In addition to providing privacy, this protocol message protects
236 against modifications, insertions or replays. The encapsulated message and
237 header are placed in the area pointed to by
239 and the routine returns the length of the output, or -1 indicating
243 decrypts and authenticates a received
247 points to the beginning of the received message, whose length
250 The private session key, pointed to by
252 and the key schedule,
254 are used to decrypt and verify the received message.
260 The routine fills in the
262 field with a pointer to the decrypted application data,
264 with the length of the
270 with the timestamps in the message, and
272 with a 1 if the byte order of the receiver is different than that of
273 the sender. (The application must still determine if it is appropriate
274 to byte-swap application data; the Kerberos protocol fields are already taken
277 field returns a value useful as input to the
281 The routine returns zero if ok, or a Kerberos error code. Modified messages
282 and old messages cause errors, but it is up to the caller to
283 check the time sequence of messages, and to check against recently replayed
289 creates an authenticated, but unencrypted message from any arbitrary
296 The private session key, pointed to by
300 checksum algorithm used as part of the authentication.
304 point to the Internet address of the two parties.
305 This message does not provide privacy, but does protect (via detection)
306 against modifications, insertions or replays. The encapsulated message and
307 header are placed in the area pointed to by
309 and the routine returns the length of the output, or -1 indicating
311 The authentication provided by this routine is not as strong as that
314 or by computing the checksum using
316 instead, both of which authenticate via DES.
320 authenticates a received
324 points to the beginning of the received message, whose length
327 The private session key, pointed to by
329 is used to seed the quad_cksum() routine as part of the authentication.
335 The routine fills in these
340 field with a pointer to the application data,
342 with the length of the
348 with the timestamps in the message, and
350 with a 1 if the byte order of the receiver is different than that of
352 (The application must still determine if it is appropriate
353 to byte-swap application data; the Kerberos protocol fields are already taken
356 field returns a value useful as input to the
360 The routine returns zero if ok, or a Kerberos error code. Modified messages
361 and old messages cause errors, but it is up to the caller to
362 check the time sequence of messages, and to check against recently replayed
368 constructs an application level error message that may be used along
374 is a pointer to the output buffer,
376 is an application specific error code, and
378 is an application specific error string.
386 points to the beginning of the received message, whose length
390 is a pointer to a value to be filled in with the error
391 value provided by the application.
397 The routine fills in these
401 field with a pointer to the application error text,
403 with the length of the
407 with a 1 if the byte order of the receiver is different than that of
408 the sender. (The application must still determine if it is appropriate
409 to byte-swap application data; the Kerberos protocol fields are already taken
412 The routine returns zero if the error message has been successfully received,
413 or a Kerberos error code.
417 structure is used to pass around text of varying lengths. It consists
418 of a buffer for the data, and a length. krb_rd_req takes an argument of this
419 type containing the authenticator, and krb_mk_req returns the
420 authenticator in a structure of this type. KTEXT itself is really a
421 pointer to the structure. The actual structure is of type KTEXT_ST.
425 structure is filled in by krb_rd_req. It must be allocated before
426 calling krb_rd_req, and a pointer to it is passed. The structure is
427 filled in with data obtained from Kerberos.
429 structure is filled in by either krb_rd_priv, krb_rd_safe, or
430 krb_rd_err. It must be allocated before the call and a pointer to it
431 is passed. The structure is
432 filled in with data obtained from Kerberos.
449 kerberos(1), des_crypt(3)
453 .I krb_rd_req, krb_rd_priv, and krb_rd_safe
454 must check time order and for replay attempts.
456 is not implemented yet.
458 Clifford Neuman, MIT Project Athena
460 Steve Miller, MIT Project Athena/Digital Equipment Corporation
462 COPYRIGHT 1985,1986,1989 Massachusetts Institute of Technology